Router setup - how to hide your computer or network from hackers and thieves...
Quote testimony at US Congressional hearing on Cybersecurity:
"90% of cyber attacks could have been prevented by implementing basic "Best
Practices" by IT departments!"
Cheri McGuire
Symantec Corp Global Government Affairs and Cybersecurity Policy VP
When is a router a cable/DSL modem? Well, they can be the same device or
different ones. I am not here to confuse you, but the terminology for these
devices varies with whom you talk to. So for the sake of simplicity I will call
it a router, because that is what it does: it routes your network activity to
the World Wide Web or your local network.
Note: A router is a specialized hardware device.
You can not use a computer to make a router!
You can however use a computer to make a firewall/proxy server. This is not the
same as a router, but a router can and should have a firewall built in to it.
If it does not, exchange it for one that does!
So you decided that a dialup connection was too slow, or you needed broadband,
and the local phone or cable company came by and installed your internet
connection. WOW! That is fast! (Fast won't last long - the computer axiom: What
is fast today will be slow tomorrow!) You get your mail in a flash, and the web
page opens like it was there on your desktop all the time.
Now the hackers can see you!
WHAT?
Yup, as soon as your ISP (Internet Service Provider) turned on your service and
you connected to the www, the hackers can see your computer.
So what are you going to do? I mean, you have Windows and it has a firewall,
right? Well, yes and no. The firewall in XP/Vista/Windows 7/8/10 is OK, but it
has deficiencies; most software firewalls do. When you want to keep the
hackers/thieves/criminals at bay you need a hardware solution, because hardware
can do more than software.
So what can hardware do for me that MS can't? Well, for one thing it can make
your computer disappear from the www, and the hackers will lose interest in
trying to get into your computer.
It can also stop a Trojan (if you get infected by a virus) from calling home
and giving away your personal information.
So you say, I need to buy another piece of equipment? No, you can rely on the
built-in firewall that is provided by the OS. This is the same concept as a
backup: how much is your data and/or your family's security worth? Besides,
routers are not that expensive, less than $100.
Now you have your router, what is the next step?
Router setup:
Before you get carried away with excitement, this is important: your
connection Speed and Duplex have to match the router exactly! Check the
documentation on how to set the "Speed and Duplex" for your network card before
connecting to the router.
I will do the router setup step by step. I am going to use a Linksys router for
my examples because I have one and am familiar with the process of setting it
up. Most if not all routers will have the same features; they may be named
differently (proprietary information) or be in different steps, but ultimately
they will have a process to do the job.
1) Connection - Depending on the router you have, you will have two types of
connections on the back of the box. One should be labeled LAN and one should be
labeled WAN. (LAN is Local Area Network - i.e. your house or business; WAN is
Wide Area Network - the connection to your ISP.)
2) First locate the WAN connection; the cable from your DSL or cable modem
will go here.
3) Locate the LAN connection(s); your computer(s) will connect here.
(Depending on the router you have, you may have one or more LAN connection
ports - called RJ45 ports.)
4) Connect your primary computer to a LAN connection, then power up the router
and your computer.
5) Open your browser and type in 192.168.1.1 (check the documentation for your
router if it is not a Linksys; the IP may be different). Press Enter and you
should get a login box. Enter the user ID (if required) and the password
provided by the manufacturer.
6) You should be at the main screen of the setup program. From here we will
set up your router to block all incoming ping, UDP, and whois requests. (Make
your home or business invisible!)
Router setup status page:
For the most part, all of the screens that you have available can be changed,
but it is best to leave them at the default settings unless you have a need to
change something.
Before I go to the two screens of interest, I will point out that the status
screen will be of interest to you from time to time. If you look down towards
the middle you will see the IP address that the ISP has assigned your router.
If you have not connected it to the WAN, don't worry; it will be populated as
soon as you do. It should be something like this:
MAC Address:      (00-a1-b5-f7-c3-e6)
IP Address:       0.0.0.0
Subnet Mask:      0.0.0.0
Default Gateway:  0.0.0.0
DNS:              0.0.0.0
                  0.0.0.0
                  0.0.0.0
If you look under this table you will see two buttons: DHCP Release and DHCP
Renew.
You can release your current IP address and get a new one if you are having
connection problems.
Now to the actual pages that you need to modify. These pages are on the top row
of the header:
Router setup Password page:
Router Password: Change the default password here! Make it something that the
average person on the street would not know about you, something unique that
you will remember five days from now, or write it down if you use a complex
password.
UPnP Services: Disable (This stops the Universal Plug and Play process from
connecting without your knowledge.)
Restore Factory Defaults: This is good for when the router is not performing
and you need to reset it. Leave it at 'NO' for now. (Only change this if
directed by the manufacturer's tech support.)
Router setup DHCP page:
DHCP Server: 'Enable'
Starting IP Address: 192.168.1.X (you can add a number here to be the first IP
address the router will give out, say 50 or 100, anything above two).
Number of DHCP Users: 4 (set this to the maximum number of computers you have
physically connected to the router; do not go over the number of connections.
This will preclude someone from connecting to your router without your
knowledge, and believe me, if they can they will!)
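To show how the Starting IP Address and Number of DHCP Users settings define the lease pool, and how to check the router's client list against the machines you own, here is an added example (not from the original page or from Linksys). The client table format, host names and MAC addresses are constructed for illustration; a /24 LAN subnet is assumed.

```python
import ipaddress

def norm_mac(mac):
    """Normalise 00-A1-... or 00:a1:... to lower-case colon form."""
    return mac.strip().lower().replace("-", ":")

def dhcp_pool(start_ip, users, prefix=24):
    """Addresses the router can lease: 'users' consecutive IPs from start_ip."""
    net = ipaddress.IPv4Network(f"{start_ip}/{prefix}", strict=False)
    pool = [ipaddress.IPv4Address(start_ip) + i for i in range(users)]
    for addr in pool:
        # The whole pool must be usable host addresses inside the LAN subnet.
        if addr not in net or addr in (net.network_address, net.broadcast_address):
            raise ValueError(f"pool runs past the usable range at {addr}")
    return pool

def parse_client_table(text):
    """Parse 'hostname ip mac' lines (constructed format, not a Linksys export)."""
    clients = []
    for line in text.strip().splitlines():
        name, ip, mac = line.split()
        clients.append((name, ipaddress.IPv4Address(ip), norm_mac(mac)))
    return clients

def audit_leases(clients, pool, known_macs):
    """Flag leases held by devices you do not own, or outside the pool."""
    known = {norm_mac(m) for m in known_macs}
    findings = []
    for name, ip, mac in clients:
        if mac not in known:
            findings.append(f"unknown device {name} ({mac}) holds {ip}")
        if ip not in pool:
            findings.append(f"{name} uses {ip}, outside the DHCP pool")
    return findings

# Constructed sample data: start address .100, 4 DHCP users, three clients.
POOL = dhcp_pool("192.168.1.100", 4)
KNOWN = ["00-11-22-33-44-55", "00-11-22-33-44-66"]
TABLE = """
office-pc  192.168.1.100  00-11-22-33-44-55
laptop     192.168.1.101  00:11:22:33:44:66
android-7  192.168.1.102  02-AA-BB-CC-DD-EE
"""

if __name__ == "__main__":
    print("pool:", POOL[0], "-", POOL[-1])
    for finding in audit_leases(parse_client_table(TABLE), POOL, KNOWN):
        print("CHECK:", finding)
```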
At the top of the page look for Advanced Setup and click it.
What we are interested in is at the bottom of the page:
Block WAN Request:    Enable
IPSec Pass Through:   Disable
PPTP Pass Through:    Disable
L2TP Pass Through:    Disable
Remote Management:    Disable   Port Number: xxxx
Use default MTU:      Enable    Size: (Default value: PPPoE 1492, Static/Dynamic 1500)
I have highlighted the two that should be enabled and the four that should be
disabled.
This is what makes your router and your computer invisible: Block WAN Request.
IPSec pass through will play havoc with your browser and email; leave it
disabled.
PPTP and L2TP are VLan ports; unless you have a reason to turn them on, leave
them disabled.
Remote Management: disable this. Only enable it if you are talking to the
manufacturer's tech support; they may want to get into the router to download
the diagnostics.
Use default MTU: leave this enabled. It sets the default packet size for data
being sent out to the WAN. On some WANs you can change this property to
increase or decrease the packet size of each request. This could either
increase or decrease your connection speed, so use caution when modifying the
MTU.
There are other items that are of interest to a more advanced user, such as
Filtering; you can use the built-in help to read up on these. If you have a
child that uses the internet, you can set a filter for either the software
(NetNanny) or the computer here.
Router setup Forwarding page:
To quote the page:
"UPnP Port Forwarding allows Internet Users to access Servers on your LAN. It
also allows you to configure two-way communications, Game Servers, and other
Internet applications with special requirements."
What this means to you is this: let's say you have an accounting package that
requires a certain port or ports to communicate with your bank. You can set a
range of ports, say 1800 to 1900, or set single ports 1801 and 1901 for the
package. Only traffic from that package will go through those ports. Check the
software documentation or help files for any application that should connect to
the internet or a specific host and does not.
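Since the router's own description says forwarding lets Internet users reach servers on your LAN, it is worth comparing what a rule opens with what the application needs. The added example below (not from the original page or the router's firmware) does that for the range and single-port forms mentioned above; the rule syntax ("1800-1900", "1801,1901") is an assumed notation for illustration.

```python
def parse_ports(spec):
    """Turn '1800-1900' or '1801,1901' (or a mix) into a set of port numbers."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        lo = int(lo)
        hi = int(hi) if hi else lo
        if not (1 <= lo <= hi <= 65535):
            raise ValueError(f"bad port range: {part.strip()}")
        ports.update(range(lo, hi + 1))
    return ports

def collapse(ports):
    """Render a set of ports as compact ranges, e.g. {1,2,3,7} -> ['1-3', '7']."""
    runs = []
    for p in sorted(ports):
        if runs and p == runs[-1][1] + 1:
            runs[-1][1] = p          # extend the current run
        else:
            runs.append([p, p])      # start a new run
    return [f"{a}-{b}" if a != b else str(a) for a, b in runs]

def compare(forwarded_spec, needed_spec):
    """Report ports opened but not needed, and ports needed but not opened."""
    forwarded = parse_ports(forwarded_spec)
    needed = parse_ports(needed_spec)
    return {
        "forwarded": len(forwarded),
        "excess": collapse(forwarded - needed),
        "missing": collapse(needed - forwarded),
    }

if __name__ == "__main__":
    # The page's two alternatives for a package that needs ports 1801 and 1901.
    for rule in ("1800-1900", "1801,1901"):
        print(rule, "->", compare(rule, "1801,1901"))
```

Run on the page's numbers, the 1800 to 1900 range opens 101 ports, 100 of them unneeded, and still does not cover port 1901, while the two single-port entries open exactly what is required.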
That is all there is for you to do. Now, if you are a tinkerer and want to do
more, then I suggest you look at the built-in help file and do a search on the
internet for 'Firewalls' and 'Proxy'. There is a ton of information about what
application uses what port, what port(s) the hackers like the best, and so on.
Reset the router - The Linksys routers (and switches or hubs) have a small
reset button on the back of the router. Using a ballpoint pen or a very small
screwdriver, you can reset the router to factory defaults by pressing the
button and holding it in for about ten seconds. The router must be powered up
for this to take effect. The best way to reset the router to factory defaults
is to use the router setup web page.
If you are setting up a Wireless Router you need to check this important page
for the router setup about securing your wireless router and wireless adapters!
Most Important!
Note: Users with XP, Vista, and Windows 7/8/10 should read the Windows Firewall
Service page for more information.
Over the last five or six months I have been getting emails asking for a
recommendation when this page is read. I have been using Linksys (Cisco Co.)
products for a long time and I can attest to the robustness of their products,
so I will recommend two products that I use every day, and in over seven years
(yes, my router and switches are that old!) I have not had one failure.
Note: In the Advanced Computer Repair Techniques Servers section there is an
article about a router setup for a DMZ, to have a web server outside your
router firewall. Check the image I made of what a typical setup would look
like; just disregard the section that is the DMZ. With a cable/DSL modem and a
home/small business router you would have TWO firewalls between your
computer/network and the internet. Increased protection against being hacked!